[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: /var/run/directory/



On Mon, 4 Oct 2004 03:37, Steve G <linux_4ever yahoo com> wrote:
> >There's still the general problem with discretionary access control here
> >too - A simple misconfiguration in for one of the daemons before it
> >drops root privileges could cause it to overwrite the pid file for
> >another daemon, violating the system security policy.
>
> I haven't seen this, you'd have to code an exploit just for it. But what I

I believe that the vast majority of exploits are created just for one 
particular bug.

Also there have been bugs related to problems in dropping privs, see the 
following URL for one example:

http://www.ale.org/archive/ale/ale-2000-06/msg00065.html

I recall that in late 2002 there was a game which had a security hole whereby 
corrupt game data could exploit a program that was started at boot as root, 
unfortunately I can't find the details.

> do see is daemons that crash leaving a pid file. Sooner or later a pid will
> match what's in the pid file and can be killed by mistake. (root is usually
> the only one that can do this.) I don't think this was mentioned so far in
> this thread. But this is the real problem that people run across more often
> wrt pid files, not overwriting a neighboring one.

The solution to this is to check the executable name as well as the PID before 
killing.  For SE Linux we will probably eventually want to go further and 
either check the process context or run the kill command in the same domain 
as the daemon.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]